| author | mo khan <mo@mokhan.ca> | 2014-06-06 21:31:47 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2014-06-06 21:31:47 -0600 |
| commit | bd8f6b7dc75b2cb238efa677317cb198fc8acb4b (patch) | |
| tree | f0fad43eed57633f5c6eae5504f6259f8acac237 /app | |
| parent | d481e4bac147388e5148d388310f32acdfd994c1 (diff) | |
add specs for sanitizing a filename.
Diffstat (limited to 'app')
| -rw-r--r-- | app/models/photo.rb | 6 | ||||
| -rw-r--r-- | app/services/infrastructure/image.rb | 17 |
2 files changed, 18 insertions, 5 deletions
diff --git a/app/models/photo.rb b/app/models/photo.rb index 201513b4..1602e226 100644 --- a/app/models/photo.rb +++ b/app/models/photo.rb @@ -2,10 +2,6 @@ class Photo < ActiveRecord::Base belongs_to :creation, counter_cache: true, touch: true #mount_uploader :image, PhotoUploader - #def thumb_url - #image.thumb.url - #end - def watermark return '' if creation.nil? creation.watermark @@ -16,8 +12,8 @@ class Photo < ActiveRecord::Base end def upload(file, blob_storage) - self.original_filename = File.basename(file) image = Image.new(file) + self.original_filename = image.filename versions.each do |version| version.adjust(image) blob_storage.upload(create_key(version.prefix), image.path) diff --git a/app/services/infrastructure/image.rb b/app/services/infrastructure/image.rb index c5bcb165..5333c3e2 100644 --- a/app/services/infrastructure/image.rb +++ b/app/services/infrastructure/image.rb @@ -5,6 +5,10 @@ class Image @path = path end + def filename + @filename ||= sanitize(@path) + end + def resize_to_fit(width, height) manipulate! do |img| img.resize "#{width}x#{height}" @@ -55,4 +59,17 @@ class Image message = I18n.translate(:"errors.messages.mini_magick_processing_error", :e => e, :default => default) raise CarrierWave::ProcessingError, message end + + def sanitize(name) + name = name.gsub("\\", "/") + name = File.basename(name) + name = name.gsub(sanitize_regexp,"_") + name = "_#{name}" if name =~ /\A\.+\z/ + name = "unnamed" if name.size == 0 + return name.mb_chars.to_s + end + + def sanitize_regexp + /[^a-zA-Z0-9\.\-\+_]/ + end end |
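Review bot: In `Photo#upload`, `original_filename` now holds the sanitized basename from `image.filename` rather than the name that was supplied, so the attribute name no longer describes its content. Distinct inputs such as `a b.png` and `a_b.png` (constructed examples) now collapse to the same stored value. `create_key` is not visible in this hunk; if it derives the storage key from `original_filename` alone, a later upload could overwrite an earlier one, so the key should carry a unique component. A comment on the assignment would record the intent: `# sanitized basename from Image#filename, not the raw supplied name`. The body of `upload` continues past the end of the hunk.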
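Review bot: `sanitize` keeps `.` in the allow-list of `sanitize_regexp` and prefixes `_` only when the name consists entirely of dots, so a leading-dot name such as `.htaccess` and multi-extension names pass through unchanged, and the result has no length cap. If the value ever ends up in a storage key or a served path, consider neutralising any leading dot with `name = "_#{name}" if name.start_with?('.')` and bounding the length with `name = name[0, 255]`. The method also assumes `name` is a valid, non-nil string; `gsub` would raise on `nil`, and probably on an invalid byte sequence, before any replacement happens, so a guard or a spec for those inputs is worth adding. As a matter of style, `name.size == 0` reads better as `name.empty?`, the explicit `return` is unnecessary, and the pattern could be a frozen constant instead of a method that builds it per call. Whether these helpers sit under `private` cannot be seen from the hunk.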
